TP-Link is aware of vulnerabilities in the WPA2 security protocol that affect some TP-Link products. An attacker within wireless range of a Wi-Fi network can exploit these vulnerabilities using key reinstallation attacks (KRACKs). According to the research paper on KRACKs by Mathy Vanhoef that brought this vulnerability to the attention of vendors, the attack targets the WPA2 handshake and does not exploit access points, but instead targets clients. All vulnerabilities can be fixed through software updates since the issues are related to implementation flaws.

TP-Link has been working to solve this problem and will continue to post software updates at: www.tp-link.com/support.html. Products with TP-Link Cloud enabled will receive update notifications in the web management interface, Tether App or Deco App automatically.

More information about KRACK can be found through the link: https://www.krackattacks.com. (citiți mai departe…)